package com.vcaresolution.logistic.util;

import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpSession;

import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import com.vcaresolution.logistic.to.UserProfileTO;

/**
 * This handler class will handle security tokens and returns TokenRights for user
 * @author Kushal
 *
 */
public class SecurityTokenHandler {

	public boolean getTokenRights(String applicationName,String tokenValue) {
		
		return new Boolean(hasSecurityTokenValue(applicationName, tokenValue));
		
	}

	private boolean hasSecurityTokenValue(String applicationName,String tokenValue) {
		
		ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
	    HttpSession session = attributes.getRequest().getSession(true);
	    UserProfileTO userProfile = (UserProfileTO) session.getAttribute(ApplicationConstants.USERPROFILE_SESSION_OBJECT);
	    
	    if(userProfile != null){
	    	
	    	Map<String, List<String>> userTokenValues = userProfile.getUserTokenValues();
	    	
	    	if(userTokenValues != null && userTokenValues.size() > 0){
	    		
	    		if(userTokenValues.containsKey(applicationName)){
		 			
		 			List<String> tokenValues = userTokenValues.get(applicationName);
		 			if(tokenValues != null && tokenValues.size() > 0){
		 				
		 				if(tokenValues.contains("mustMatch_N")){
		 					return true;
		 				}
		 				
		 				if(tokenValues.contains(tokenValue)){
		 					return true;
		 				}
		 			}
		 		}
	    	}
	 		
	    }
	   
		return false;
		
	}
	
}
